Posted on Apr 17, 2019 by Request Technology - Robyn Honquest
9 month Contract role
Looking for a Security Operations Engineer with Incident Response, Monitoring, Investigation of Security alerts, SIEM, TCP/IP, Firewalls
SOC Engineer 2
This is a 9 month contract. Keywords: security operations engineer, incident response, monitoring, investigation of security alerts, Windows, Linux, McAfee SIEM, Carbon Black, Qualys, anti-malware, TCP/IP, firewalls, routers, IPS/IDS, packet analysis.
The Security Operations Engineer role provides daily incident response in addition to providing 24x7 support and operational availability of Company's security infrastructure. Responsibilities include the monitoring and investigation of security alerts, implementation of new security technologies, day-to-day operations, and change management of all deployed security technologies.
Responsibilities
- Analyze potential infrastructure security incidents to determine if an incident qualifies as a legitimate security breach.
- Monitor and correlate security event log information to identify and detect anomalous activity.
- Document and conform to processes related to security monitoring, patching and incident response.
- Implement techniques using the most advanced technologies to hunt for unknown threats in the environment.
- Appropriately inform and advise management on incidents and incident prevention.
- Participate in knowledge sharing with other analysts and develop solutions efficiently.
- Upgrade security systems by monitoring the security environment, identifying security gaps, and evaluating and implementing enhancements.
- Enhance department and organization reputation by delivering quality results and exploring opportunities to increase value and raise awareness of the Information Security Program.
Experience
- At least seven (7) years in an IT-related field.
- At least four (4) years working in IT Security.
- Experience with Security Information and Event Management (SIEM) including event analysis, alert generation, investigations, and reporting.
- Experience investigating security incidents using various security tools, including EDR tools such as Carbon Black or CrowdStrike.
- Experience with vulnerability analysis and reporting using vulnerability management software such as Rapid7, Nessus, or Qualys.
- Programming and Scripting skills such as PowerShell, VBScript, Python, etc.
Education & Professional Certification
- Bachelor's degree or better in Cyber Security, Information Systems, or any other security-related subject is preferred.
- CISSP, CISA, CEH, ECSA or other security-focused certification is preferred.
Skills & Knowledge
- Strong knowledge of anti-malware technologies.
- Strong knowledge of security administration and role-based security controls.
- Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities.
- Strong knowledge of security systems log correlation and analysis.
- Knowledge of certificate management processes and best practices.
- Knowledge of Windows server and Unix/Linux operating systems.
- Knowledge of networking protocols and technologies, e.g. TCP/IP, firewalls, routers, etc.
- Knowledge of network security technologies such as firewalls and IPS/IDS, and the ability to perform basic packet analysis with tools such as Wireshark.